PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-34876 Mbed TLS CVE debrief

CVE-2026-34876 is an out-of-bounds read vulnerability in Mbed TLS 3.x before 3.6.6. The vulnerability exists in the mbedtls_ccm_finish() function in library/ccm.c, which allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized tag_len parameter. This is caused by missing validation of the tag_len parameter against the size of the internal 16-byte authentication buffer. The issue affects the public multipart CCM API in Mbed TLS 3.x, where mbedtls_ccm_finish() can be invoked directly by applications. In Mbed TLS 4.x versions prior to the fix, the same missing validation exists in the internal implementation; however, the function is not exposed as part of the public API. Exploitation requires application-level invocation of the multipart CCM API.

Vendor: Mbed TLS
Product: Mbed TLS
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-04-02
Original CVE updated: 2026-06-05
Advisory published: 2026-04-02
Advisory updated: 2026-06-05

Who should care

Users of Mbed TLS 3.x before version 3.6.6 are affected, in particular applications that invoke the multipart CCM API directly, and should take steps to mitigate this vulnerability.

Technical summary

The vulnerability has a CVSS score of 7.5 and is classified as HIGH severity. mbedtls_ccm_finish() does not validate tag_len against its internal 16-byte authentication buffer, so invoking the multipart CCM API with an oversized tag_len allows attackers to obtain adjacent CCM context data.

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade to Mbed TLS version 3.6.6 or later.
  • Review and update applications that use the multipart CCM API to ensure they are not vulnerable to this issue.
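
For the application review, the missing tag_len bound can be modelled next to a guarded version, as in the added example below. It is not Mbed TLS code or the upstream fix: model_ccm_ctx and its layout, both model_finish_* functions, ccm_tag_len_ok and ERR_BAD_INPUT are hypothetical, and the accepted lengths are the standard CCM tag sizes.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define AUTH_BUF_LEN 16      /* internal authentication buffer size, per the advisory */
#define ERR_BAD_INPUT (-1)   /* hypothetical error code used by this model */

/* Hypothetical stand-in for a CCM context: the authentication buffer followed
 * by other state. The layout is an assumption, not Mbed TLS's real struct. */
typedef struct {
    unsigned char y[AUTH_BUF_LEN];        /* tag is copied out of this buffer */
    unsigned char adjacent[AUTH_BUF_LEN]; /* neighbouring context data */
} model_ccm_ctx;

/* "Before": tag_len is trusted, so any value above 16 reads past y. The copy
 * goes through a pointer to the whole object to keep the model well defined. */
static int model_finish_unchecked(const model_ccm_ctx *ctx, unsigned char *tag, size_t tag_len)
{
    memcpy(tag, (const unsigned char *)ctx + offsetof(model_ccm_ctx, y), tag_len);
    return 0;
}

/* Standard CCM tag lengths are 4, 6, 8, 10, 12, 14 or 16 bytes. */
static int ccm_tag_len_ok(size_t tag_len)
{
    return tag_len >= 4 && tag_len <= AUTH_BUF_LEN && tag_len % 2 == 0;
}

/* "After": reject a bad length before any byte is written to the caller. */
static int model_finish_checked(const model_ccm_ctx *ctx, unsigned char *tag, size_t tag_len)
{
    if (ctx == NULL || tag == NULL || !ccm_tag_len_ok(tag_len))
        return ERR_BAD_INPUT;
    memcpy(tag, ctx->y, tag_len);
    return 0;
}

int main(void)
{
    model_ccm_ctx ctx;
    unsigned char out[sizeof ctx] = {0};
    memset(ctx.y, 0xAA, sizeof ctx.y);               /* constructed tag bytes */
    memset(ctx.adjacent, 0x5C, sizeof ctx.adjacent); /* constructed neighbour state */
    model_finish_unchecked(&ctx, out, sizeof out);
    printf("unchecked, tag_len=32: out[16]=0x%02X\n", out[16]);
    printf("checked,   tag_len=32: rc=%d\n", model_finish_checked(&ctx, out, 32));
    return 0;
}
```

The same length check can sit in an application wrapper placed in front of calls to the multipart CCM API until the library is upgraded.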

Evidence notes

The vulnerability was discovered in Mbed TLS 3.x before 3.6.6.

Official resources

CVE-2026-34876 was published on 2026-04-02T16:16:26.180Z and modified on 2026-06-05T19:38:32.047Z.